package com.tomowork.shiroRealm;

import com.google.common.collect.Lists;
import com.tomowork.dao.IPermissionDAO;
import com.tomowork.entity.Permission;
import com.tomowork.entity.User;
import com.tomowork.service.IPermissionService;
import com.tomowork.service.IUserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
@Component
public class MyRealm extends AuthorizingRealm {
    @Autowired
    private IUserService iUserService ;
    @Autowired
    private IPermissionService iPermissionService ;

    public MyRealm(){

    }
    public MyRealm(CacheManager cacheManager){
        super(cacheManager);
    }

    //进行认证，判断用户是否登录
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //authenticationToken是用户表单输入的数据
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        //从authenticationToken中获取用户输入的内容
        String username = token.getUsername();
        String password = String.valueOf(token.getPassword());

        User user = iUserService.selectByUsernameAndPwd(username) ;

        if(user==null){ //表示账户不存在
            return null ;
        }
        String dbUsername = user.getUsername() ;
        String dbPassword = user.getPassword() ;
        String inputPassword = new Md5Hash(password,dbUsername,10).toString() ;
        if (!inputPassword.equals(dbPassword)){
            throw new IncorrectCredentialsException() ;
        }
        AuthenticationInfo info = new SimpleAuthenticationInfo(user,password,getName()) ;
        return info;
    }

    //进行授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
//        当用户认证登录成功之后，从AuthenticationInfo，可以取出当前的用户
        User sessionUser = (User) principalCollection.getPrimaryPrincipal();
        String userId = sessionUser.getId();

        List<Permission> permisstionList = iPermissionService.findPermissionListByUserId(userId) ;
        List<String> percodeList = Lists.newArrayList() ;
        Iterator<Permission> iterator = permisstionList.iterator();
        while(iterator.hasNext()){
            percodeList.add(iterator.next().getPercode()) ;
        }
        SimpleAuthorizationInfo info =new SimpleAuthorizationInfo() ;
        info.addStringPermissions(percodeList);
        return info ;
    }


    public void clearCache(){
        PrincipalCollection principals = SecurityUtils.getSubject().getPrincipals();
        super.clearCache(principals);
    }

}
